Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/EfSkaecWhU-Hgu4kIWCPtGdSJVE.roa
File: EfSkaecWhU-Hgu4kIWCPtGdSJVE.roa (raw, json)
Hash identifier: u5+swR3QS49TVAA33jxv+/cMSra0OXIA/Mb7jN07Dx0=
Subject key identifier: 11:F4:A4:69:E7:16:85:4F:87:82:EE:24:21:60:8F:B4:67:52:25:51
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018E13A62BAC5119309D4FE3B830A2EE734A
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/EfSkaecWhU-Hgu4kIWCPtGdSJVE.roa
Signing time: Wed 06 Mar 2024 12:04:01 +0000
ROA not before: Wed 06 Mar 2024 12:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49037
IP address blocks: 46.226.160.0/21 maxlen: 32
80.72.16.0/21 maxlen: 32
80.72.24.0/22 maxlen: 32
89.169.52.0/22 maxlen: 32
92.118.72.0/22 maxlen: 32
92.246.132.0/22 maxlen: 32
92.246.136.0/21 maxlen: 32
94.141.100.0/22 maxlen: 32
95.174.96.0/19 maxlen: 32
178.212.139.0/24 maxlen: 32
185.9.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
185.230.240.0/22 maxlen: 32
185.230.241.0/24 maxlen: 24
185.230.242.0/24 maxlen: 24
217.144.176.0/20 maxlen: 32
2a00:8740::/32 maxlen: 128
2a0b:1c40::/29 maxlen: 128
2a12:3280::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:a6:2b:ac:51:19:30:9d:4f:e3:b8:30:a2:ee:73:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Mar 6 12:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11f4a469e716854f8782ee2421608fb467522551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0e:ef:09:9b:20:e1:53:34:92:fe:98:85:a3:
3b:d5:4b:de:6c:b8:40:e6:f5:81:8d:bb:9f:5f:58:
03:b3:41:f8:a8:c7:40:3e:98:5e:76:59:15:62:27:
8e:fa:02:46:ec:53:45:e3:59:b6:44:ce:19:20:29:
6d:42:f9:33:99:ec:13:b1:90:6d:9d:8a:5b:8c:68:
58:7b:f5:a6:96:12:6a:ac:37:36:49:0d:b9:70:e2:
60:20:55:89:e1:f0:25:73:9b:e7:6e:6f:92:bb:9b:
43:e0:75:db:19:46:09:00:2b:41:41:57:46:62:78:
2e:b0:96:f3:f0:ea:27:23:ba:db:d4:2c:88:00:24:
c2:f8:9a:f0:55:23:e0:a1:12:b1:80:5a:0f:f6:16:
a6:73:3a:ab:9f:47:78:3a:35:a9:95:09:6f:14:65:
cd:79:4a:0a:7a:00:66:8c:23:5c:8c:70:8a:a9:47:
c6:f0:33:8c:e2:71:97:5c:e7:9e:ee:a9:b4:7c:8f:
aa:de:d1:ff:43:01:a6:8e:00:ec:a6:32:7c:8d:67:
42:7d:b4:55:8d:65:f3:f1:02:b7:dd:3f:71:59:18:
46:3a:06:87:30:9a:76:ff:c3:1f:ba:71:f1:8d:c3:
72:df:3d:6b:d0:8b:8c:a9:9d:75:17:3d:b0:3a:ed:
08:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F4:A4:69:E7:16:85:4F:87:82:EE:24:21:60:8F:B4:67:52:25:51
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/EfSkaecWhU-Hgu4kIWCPtGdSJVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
80.72.16.0-80.72.27.255
89.169.52.0/22
92.118.72.0/22
92.246.132.0-92.246.143.255
94.141.100.0/22
95.174.96.0/19
178.212.139.0/24
185.9.184.0/22
185.136.32.0/22
185.230.240.0/22
217.144.176.0/20
IPv6:
2a00:8740::/32
2a0b:1c40::/29
2a12:3280::/32
Signature Algorithm: sha256WithRSAEncryption
22:c4:df:c8:b6:dc:86:51:31:35:be:59:a3:af:cb:c9:e2:7b:
5b:1e:f2:5b:fc:57:d7:73:7d:7e:85:93:a8:45:70:8e:89:c8:
fe:f4:1e:d5:09:ad:e5:63:10:d2:ec:19:87:79:0b:1b:41:b6:
0f:90:3c:d1:80:36:78:b2:3c:5a:71:f6:ae:fc:cc:8b:63:12:
6e:67:a2:f4:bd:e2:10:0f:a4:a6:25:ae:66:97:20:97:03:4b:
18:30:a5:a5:d9:c7:ac:c9:38:b3:fb:cc:4c:2a:a6:fd:67:ca:
c8:78:4e:98:99:2d:60:b8:b5:78:b7:4a:b0:e6:83:bc:2a:0c:
f9:69:51:80:68:7b:49:d3:68:59:ed:a9:39:8f:80:cd:5b:b7:
d0:0a:cf:94:6c:30:c2:74:da:0b:c3:3b:f5:8f:8c:7a:d9:27:
6e:fa:10:c8:77:fe:02:ea:00:7b:bd:58:80:95:8f:0a:6c:90:
cc:93:d9:e0:31:51:1e:16:9e:c4:3e:ac:5b:ff:0c:19:7f:7e:
95:04:2f:f7:e2:43:b0:cb:14:7e:5e:d6:c1:0a:35:a8:a1:09:
39:48:39:a4:1b:1d:1b:52:ba:e5:a0:22:79:1b:1f:e8:64:96:
43:07:1a:63:a7:d0:db:44:f5:0e:86:50:a9:3d:79:a2:d3:81:
da:f1:93:d0
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAY4TpiusURkwnU/juDCi7nNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwMzA2MTIwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWY0YTQ2OWU3MTY4NTRmODc4MmVlMjQyMTYwOGZiNDY3NTIyNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA7vCZsg4VM0kv6YhaM71UvebLhA
5vWBjbufX1gDs0H4qMdAPphedlkVYieO+gJG7FNF41m2RM4ZICltQvkzmewTsZBt
nYpbjGhYe/WmlhJqrDc2SQ25cOJgIFWJ4fAlc5vnbm+Su5tD4HXbGUYJACtBQVdG
YngusJbz8OonI7rb1CyIACTC+JrwVSPgoRKxgFoP9hamczqrn0d4OjWplQlvFGXN
eUoKegBmjCNcjHCKqUfG8DOM4nGXXOee7qm0fI+q3tH/QwGmjgDspjJ8jWdCfbRV
jWXz8QK33T9xWRhGOgaHMJp2/8MfunHxjcNy3z1r0IuMqZ11Fz2wOu0I9wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFBH0pGnnFoVPh4LuJCFgj7RnUiVRMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvRWZTa2FlY1doVS1IZ3U0a0lXQ1B0R2RTSlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wXgQCAAEwWAMEAy7ioDAM
AwQEUEgQAwQCUEgYAwQCWak0AwQCXHZIMAwDBAJc9oQDBARc9oADBAJejWQDBAVf
rmADBACy1IsDBAK5CbgDBAK5iCADBAK55vADBATZkLAwGwQCAAIwFQMFACoAh0AD
BQMqCxxAAwUAKhIygDANBgkqhkiG9w0BAQsFAAOCAQEAIsTfyLbchlExNb5Zo6/L
yeJ7Wx7yW/xX13N9foWTqEVwjonI/vQe1Qmt5WMQ0uwZh3kLG0G2D5A80YA2eLI8
WnH2rvzMi2MSbmei9L3iEA+kpiWuZpcglwNLGDClpdnHrMk4s/vMTCqm/WfKyHhO
mJktYLi1eLdKsOaDvCoM+WlRgGh7SdNoWe2pOY+AzVu30ArPlGwwwnTaC8M79Y+M
etknbvoQyHf+AuoAe71YgJWPCmyQzJPZ4DFRHhaexD6sW/8MGX9+lQQv9+JDsMsU
fl7WwQo1qKEJOUg5pBsdG1K65aAieRsf6GSWQwcaY6fQ20T1DoZQqT15otOB2vGT
0A==
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:12:25 2024 by rpki-client on console-fra.rpki-client.org